Difference between revisions of "Opus-1.0.2"

From XiphWiki
Jump to navigation Jump to search
(Created page with "* out-of-bounds read on malicious padding (no corruption possible) == Quality-impacting == * Changed the behaviour of the PLC to always fill the user's buffer * Hybrid mode qual...")
 
m
 
(6 intermediate revisions by 3 users not shown)
Line 1: Line 1:
* out-of-bounds read on malicious padding (no corruption possible)
+
Opus 1.0.2 fixes an out-of-bounds read that could be triggered by a malicious Opus packet causing an integer wrap-around in the padding code. Considering that the packet would have to be at least 16 MB in size and that no out-of-bounds write is possible, the severity is very low. This new release also has the following changes:
  
 
== Quality-impacting ==
 
== Quality-impacting ==
* Changed the behaviour of the PLC to always fill the user's buffer
+
* Changed the behaviour of the PLC to always fill the caller's buffer
 +
* Properly decode in-band FEC for packets with mutiple Opus frames
 
* Hybrid mode quality improvements and fixes
 
* Hybrid mode quality improvements and fixes
 
* Fixed bugs in the CELT mode PLC
 
* Fixed bugs in the CELT mode PLC
 
* Redundant mode transition fixes
 
* Redundant mode transition fixes
  
== Other minor changes ==
+
== Other changes ==
* stack reduction
+
* Stack reduction
* doc fixes (many)
+
* Doc fixes (many)
 
* 16-bit fixes
 
* 16-bit fixes
* misc build fixes
+
* Misc build fixes
* Extra API: OPUS_GET_LAST_PACKET_DURATION ctl() and opus_packet_get_nb_samples()
+
* New API calls: OPUS_GET_LAST_PACKET_DURATION ctl() and opus_packet_get_nb_samples()
* minor code cleanup
+
* Minor code cleanup
 +
 
 +
[[Category:Opus]]

Latest revision as of 08:31, 18 August 2015

Opus 1.0.2 fixes an out-of-bounds read that could be triggered by a malicious Opus packet causing an integer wrap-around in the padding code. Considering that the packet would have to be at least 16 MB in size and that no out-of-bounds write is possible, the severity is very low. This new release also has the following changes:

Quality-impacting

  • Changed the behaviour of the PLC to always fill the caller's buffer
  • Properly decode in-band FEC for packets with mutiple Opus frames
  • Hybrid mode quality improvements and fixes
  • Fixed bugs in the CELT mode PLC
  • Redundant mode transition fixes

Other changes

  • Stack reduction
  • Doc fixes (many)
  • 16-bit fixes
  • Misc build fixes
  • New API calls: OPUS_GET_LAST_PACKET_DURATION ctl() and opus_packet_get_nb_samples()
  • Minor code cleanup